[FoRK] Fwd: What It’s Like to Get a National-Security Letter

David Edmondson dme at dme.org
Mon Jul 1 07:56:06 PDT 2013


On Mon, Jul 01 2013, Eugen Leitl wrote:
> On Mon, Jul 01, 2013 at 03:23:10PM +0100, David Edmondson wrote:
>> On Mon, Jul 01 2013, Eugen Leitl wrote:
>> > On Mon, Jul 01, 2013 at 12:40:31PM +1000, Noon Silk wrote:
>> >> interesting read.
>> >> 
>> >> last line is also nice:
>> >> 
>> >> ------------------------------------------------------------------------------------------------------------
>> >> 
>> >> *Do you encrypt all your own e-mail, as a result of this stuff?*
>> >> 
>> >> No, that’s really hard.
>> >
>> > No, it isn't. Encryption is easy, key management is hard.
>> 
>> Maybe that explains "not verified"?
>
> Self-signed certs between trusted end points are a lot better
> than CAs that aid and abet the enemy.

But they leave you open to a variety of MITM attacks, as you indicated.
(I don't want to use traditional CAs, but would like a PGP-like
web-of-trust for these TLS connections.)

>> Then the messages are un-encrypted whilst at rest on the xent.com
>> disks. Then they are un-encrypted whilst at rest on the recipients
>> machine.
>
> You don't know what.

That's really my point. When the chain is let down by the weakest link,
trumpeting that a single SMTP hop used TLS is weak.

> With a layered defense approach you would be e.g. adding GPG
> encryption gateways, crypto fs, hardened systems with working IDS, and
> so on. If you use enough layered paper, it eventually will stop
> bullets.
>
>> I'm in favour of what you've described, but it's not really that big a
>> deal.
>
> I think it is a very big deal, since such opportunistic, "weak" methods
> make passive attacks like Narus prohibitively expensive, and require
> the attacker to fall back to active methods, which are hard to scale
> since not automatable, and are detectable in principle (and interceptors
> need to be wary not stepping into a honeypot, and showing superior
> capabilities, which are so far only in operation in targeted attacks
> on dissidents in totalitarian regimes).

I should have said "not that big a deal on its' own".

The original assertion was "encrypting all your own email is hard",
which I think is still true. The laundry list of elements that you threw
out just goes to prove how hard it is. Is anyone wandering around
bullet-proofed by lots of layers of paper?


More information about the FoRK mailing list